970
Life Hack (lemm.ee)
you are viewing a single comment's thread
view the rest of the comments
[-] Kerb@discuss.tchncs.de 37 points 8 months ago* (last edited 8 months ago)

its an sql injection attack.
its rather unlikely that it works in a modern app.

assuming this would work,
it injects a command in the sql database.

it is assumed that the app runs a sql querry with the input field as a parameter e.g.
INSERT INTO "bills" (item, ammount, tip) VALUES ("steak", "20,00 $", "content of the custom tip goes here");

the semicolon indicates the end of the querry,
so the the text would cause the app to run an unfinished querry, and then start a new querry that messes up the content of the bills table.

[-] some_guy@lemmy.sdf.org 14 points 8 months ago
[-] RavenFellBlade@startrek.website 4 points 8 months ago

Is that Bobby?

this post was submitted on 04 Apr 2024
970 points (97.5% liked)

Programmer Humor

19817 readers
28 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS